Reduce nginx SSL handshake latency

I'm trying to set up a very simple and fast reverse proxy with nginx. One thing that surprised me is that using my own certificate with nginx and receiving raw TCP at first requests are very similar (about ~300ms) but the next requests are actually much slower than Fly's TLS handler (which suddenly starts to process SSL in ~85ms). So, I wonder if there is some magic behind Fly's network or if there is something I can do with my settings.

I already tried the following:

ssl_session_cache shared:SSL:15m;
ssl_session_timeout 15m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
ssl_early_data on;

I'm already using exactly the same type of certificate and processing with the same crypto algorithms as Fly.

How far is your nginx server from where you’re testing? We do TLS at all the edges, so the speed difference could just be the difference in latency to our edge servers and to your nginx.

If you visit https://debug.fly.dev you can see where we're doing TLS for you. The headers section has a Fly-Region. If you run your nginx on Fly in that region, you may get closer in speed.
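
One way to check whether handshake time is dominated by distance to the TLS endpoint, as the reply above suggests. This is an added example, not part of the original thread; `measure` and `split_handshake` are hypothetical helper names. It assumes a full handshake costs one round trip in TLS 1.3 and two in TLS 1.2, and uses the TCP connect time as the round-trip estimate.

```python
import socket
import ssl
import time

# Round trips a full (non-resumed) handshake needs before the client can send data.
FULL_HANDSHAKE_RTTS = {"TLSv1.3": 1, "TLSv1.2": 2}

def measure(host, port=443, timeout=5.0):
    """Time the TCP connect and the TLS handshake separately for one new connection."""
    family, kind, proto, _, addr = socket.getaddrinfo(
        host, port, type=socket.SOCK_STREAM)[0]  # resolve first so DNS is not timed
    ctx = ssl.create_default_context()
    sock = socket.socket(family, kind, proto)
    sock.settimeout(timeout)
    try:
        t0 = time.perf_counter()
        sock.connect(addr)                       # SYN / SYN-ACK: about one round trip
        t1 = time.perf_counter()
        tls = ctx.wrap_socket(sock, server_hostname=host)  # handshake runs here
        t2 = time.perf_counter()
        version = tls.version()
        sock = tls                               # close the TLS wrapper from now on
    finally:
        sock.close()
    return (t1 - t0) * 1000, (t2 - t1) * 1000, version

def split_handshake(tcp_ms, tls_ms, version):
    """Split handshake time into network round trips and everything else."""
    rtts = FULL_HANDSHAKE_RTTS.get(version, 2)   # unknown version: assume two
    network_ms = min(tls_ms, rtts * tcp_ms)
    return {"rtts": rtts,
            "network_ms": round(network_ms, 1),
            "other_ms": round(tls_ms - network_ms, 1),   # crypto, server load, jitter
            "network_share": round(network_ms / tls_ms, 2) if tls_ms else 0.0}

if __name__ == "__main__":
    import sys
    for host in sys.argv[1:]:                    # hostnames to compare
        tcp_ms, tls_ms, version = measure(host)
        print(host, version, f"tcp={tcp_ms:.0f}ms tls={tls_ms:.0f}ms",
              split_handshake(tcp_ms, tls_ms, version))
```

When `network_share` is close to 1, session cache and stapling settings have little left to win and only a closer TLS endpoint shortens the handshake.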

Thank you!
I was testing with the containers in Chile (which is the closest available for now) but I didn't know that the Brazil servers (which are much closer than Chile) are already routing SSL traffic - just spent hours at an unfair competition lol.

Oooh! Yes that would do it. Sao Paulo to Chile is not a great internet route, it might even be faster in Atlanta if you want to do your own SSL (until we get Sao Paulo running).

Hm, just tested here and I'm getting ~500 ms with TLS handshake from São Paulo to Atlanta. (I confess that I'm more surprised with the latency to scl being lower than the opposite).

You are right. I just checked our internal ping times and it's ~47ms between Sao Paulo and Santiago, then ~110ms to New York / Virginia / Atlanta. Seems like we have better connectivity between Sao Paulo and Santiago than I thought!
